Nokia Siemens Networks

Resilient IP network architectures

Enabling multiplay services with
ResIP-certified solutions

White Paper

Contents
2

Executive summary

Introduction

Living up to expectations
for multiplay services

Subscriber management
and provisioning

Setting the QoS standard

for multiplay

Securing multiplay
services

Implementing scalable
network topologies

Designing the core

11

Conclusion

Resilient IP network architectures

Executive summary
Modern-day broadband networks
deliver multiplay video, voice, music,
gaming, and other services. Some are
already interactive; many are
converging further. But all are pushing
networks availability and real-time
capabilities to their limits. This has
service providers struggling to strike a
balance among their biggest business
concerns - capacity, scalability,
customer satisfaction, and cost.
The Nokia Siemens Networks ResIP
Center addresses these bottom-line
realities by combining best-of-breed
products, both homegrown and
sourced from partners, to engineer
solutions that ensure interoperability,

scale to fit, and mitigate deployment

risk. They enable providers to bring
multiplay services to market that much
faster and treat customers to a more
gratifying experience. And with the
support of professional network audit,
design, planning, and implementation
services, providers can tailor ResIPcertified solutions to suit their networks
and multiplay offerings. This paper
looks closer at the ResIP design
guidelines that enable multiplay
delivery, and how certified solutions
benefit service providers.

Introduction
In todays broadband market, service
providers differentiate their brands by
offering compelling packages aimed to
grow market share, revenue, and
margins. These multiplay services
encompass:
Voice over IP (VoIP) with full public
network interconnectivity
IPTV and premium entertainment
services (Pay TV)
Data for Internet access, quality
assurance, and virtual private
network (VPN) services
Interactive gaming
Video conferencing
With Digital Subscriber Line (DSL)
setups migrating to aggregation based
on Multiprotocol Label Switching
(MPLS) and Virtual Private LAN
Services (VPLS) to support higher bit
rates and richer services, architectural
issues are becoming a prime concern:
Where should critical subscriber
management features, policy
enforcement points, and IP routing
intelligence reside?
Experts in the ResIP Center have
developed, validated, optimized, and
certified IP solutions to help service
providers make the right decisions.
Tests at the ResIP Center have
confirmed that:
Given the right quality of service
(QoS) architecture, high-priority
video and premium data traffic flows
smoothly despite congestion. And
with the benefit of hierarchical
scheduling, bandwidth may be
prioritized among one subscribers

applications and distributed among

different types of subscribers.
An easy-to-use system for
managing subscribers and
operating, maintaining, and scaling
the network drives down operational
expenditure (OPEX).
Service providers enjoy carriergrade Ethernets built-in benefits
with higher bandwidth at lower cost,
and the flexibility achieved by
decoupling the dedicated Customer
Virtual Local Area Network
(C-VLAN) and QoS (IEEE 802.1p).
Each C-VLAN isolates that
subscribers traffic to improve
security, ease of operation, and
troubleshooting.
Using a Broadband Services Router
(BSR) as a single service delivery
point across multiple access
technologies streamlines and
simplifies operations.
The Bidirectional Forwarding
Detection (BFD) protocol, combined
with VPLS and MPLS, enables
multiplay services to detect link
failures and recover quickly. Access
and backbone recovery
technologies satisfy video services
stringent demands.
Video services bandwidth needs
can be met with MPLS autobandwidth and traffic engineering
capabilities.

The ResIP Center puts these findings

into practice with solutions designed to
ramp up multiplay services and
provide an assured user experience.

Featuring products that have proven

their merits in many and very different
architectures, these solutions:
Minimize deployment risk and
facilitate growth: Verified and
integrated to scale to up to 50
million users, these solutions
resolve heterogeneous networks
interoperability issues.
Ensure quality QoS: Certified
multiplay solutions de facto QoS
standard turns the quality issue into
a competitive advantage, helping to
boost customer satisfaction and
reduce churn.
Cut costs and accommodate
change: Engineered for OPEX and
CAPEX (capital expenditure)
savings, this future-proof network
design delivers utmost value.
Another major concern is the question
of centralized vs. distributed and single
edge vs. multi-edge architecture. Some
like the single edge because one
network element sees all traffic,
making services and policies easier to
manage. Others prefer multi-edge
architecture because it is more
distributed and flexible, enabling
different services to be inserted from
different points in the network.
The ResIP Center has a carrier-grade
solution based on a proven concept,
underpinned by engineering rules and
test results, for each of these
approaches.

Resilient IP network architectures

Living up to expectations for multiplay

services
Rolling out new services entails
technology risks. The ResIP Centers
design guidelines aim to minimize
these risks by:
Simplifying service and network
provisioning: Adding new customers,
bandwidth and services, changing
preferences, moving to new network
addresses all this involves amending
subscriber policies and reconfiguring
networks. The trick is to minimize
manual interaction and the number of
elements affected by such changes
especially in large broadband networks
serving millions of subscribers.
New services must be interfaced with
back-end subscriber, service, and
billing systems. With one delivery point
in the network, services can be rolled
out without reengineering the access
domain. Designed for multi-technology,
multi-domain, and multi-vendor
networks, NetAct Transport is a single
system that manages all Nokia
Siemens Networks transport and
packet products, as well as key partner
products.

Resilient IP network architectures

Ensuring quality: QoS is critical to

video and voice services. IPTV and the
like must rival or surpass cable and
satellite quality. Users do not take
kindly to voice services plagued by
jitter, delay, and loss. Video services
are even more sensitive. Lost packets
cause annoying on-screen glitches;
delays during video conference calls
throws the synchronization off. Nokia
Siemens Networks has verified a QoS
mechanism that identifies different
traffic types and manages each type
across multiple links and according to
its requirements.
Preventing attacks to maintain trust:
Subscribers trust conventional voice
services because TDM assured the
integrity of calls. Service providers
must maintain this confidence while
migrating to multiplay services over
broadband access networks. A ResIPcertified network leverages access
control, stateful firewalls, subscriber
traffic isolation, and other security
features to safeguard network assets
and the user experience.

Scaling for growth and change:

Video requires far more bandwidth
than VoIP and Web access: A
standard-definition TV stream
consumes 2 to 4 Mbps, and the same
program in HD format 8 to 19 Mbps,
depending on encoding and
compression. A well-engineered
network keeps pace with growing
bandwidth demand by design.
Moreover, it provides an efficient
platform for launching new services
and updating subscriptions on the fly.
Having deployed many of the worlds
largest broadband networks, Nokia
Siemens Networks has the experience
and design skills necessary to scale
networks cost-efficiently for voice,
video, and data services.
Ensuring always-on availability for
premium services: Users expect
broadband networks to deliver
premium services on par with those of
conventional voice and video systems.
Networks must be resilient enough to
continue delivering quality service even
when failures occur. This mandates
sub-second fault recovery. Nokia
Siemens Networks incorporates
multiple features and safeguards that
cushion subscribers against faults and
service interruptions.

Subscriber management and

provisioning
The network edge is critical for
multiplay services. Edge infrastructures
that constrain services curb revenues
and margins. The remedy for these
constrictions is to combine feature-rich
subscriber management capabilities
with effortless provisioning.

Network provisioning
The design principle for ResIP
multiplay access and edge domains is
deceptively simple: Commission the
network once and for all so that
adding new subscribers and launching
new services requires fewest elements
to be reconfigured.
The DSLAM (DSL Access Multiplexer)
can be provisioned in bulk to switch the
incoming DSL line or VC (virtual circuit)
and traffic to a C-VLAN. The DSLAM,
or aggregation switch, can also add an
outer tag (S-VLAN) to make the
aggregation network more scalable.
The carrier-grade Ethernet aggregation
network uses VLPS instances,
allocated per DLSAM. Configured upon
deployment, they need not be changed
later.
The BNG (Border Network Gateway)
automatically detects new customer
VLANs and user sessions. This is all it
takes to connect new customers once
the DSLAM and DSL modem are in
place.

Subscriber auto-detection
The BNG router senses C-VLANs,
S-VLANs (Service VLAN), and Pointto-Point Protocol over Ethernet
(PPPoE) and Dynamic Host
Configuration Protocol (DHCP) /

Internet Protocol Over Ethernet (IPoE)

sessions automatically. The system
generates new interfaces dynamically,
with interface layers constructed
according to the incoming packets
encapsulation.
Static interfaces allocate system
resources even when dormant. Autodetection-driven dynamic interfaces
exploit resources on demand, based
on the incoming packets content. They
are also deleted dynamically, without
human intervention, to free up
resources.

Service provisioning
Auto-detection plus auto-configuration
equals zero-touch provisioning. Verified
for Ethernet aggregation networks,
these carrier-grade zero-touch and
bulk provisioning capabilities make the
ResIP-certified multiplay concept
special. They auto-detect the
encapsulation protocol (DHCP/IPoE)
on an Ethernet VLAN, and then
authenticate the session via RADIUS.
Option 82 and the DSL line identifier or
the physical devices MAC address can
be forwarded to the RADIUS server for
DHCP authentication. This means the
same PPP (Point-To-Point Protocol)
subscriber management capability can
cover DHCP subscriber access. These
automated mechanisms:
Create the C-VLAN and an IP
interface for the session
Sense new sessions (PPP or
DHCP/IPoE)
Assign the service profile via the
BNG or RADIUS

All functions are triggered regardless of

protocol type, thereby streamlining
operations and cutting costs. Also,
these routers are built for flexibility.
Their many subscriber management
features support access methods,
authentication, and policy management
options that best suit service providers
operating and market needs.

Layer-2 Control for even better

provisioning
The DSL Forums recommendations
identify queuing and scheduling
mechanisms to avoid congestion in the
access network while handling multiple
flows with distinct QoS requirements.
To this end, the BNG needs to know
the access networks topology, the
various links in use, and their
respective rates. Some of these data
such as the DSL sync rate are
dynamic, which a provisioning or
inventory management system is
unable to provide. Other data such as
a DSLAM uplinks capacity fluctuate
less frequently, but the BNG still has to
get an accurate picture of the uplinks
capacity.The Access Network Control
Protocol (ANCP) inserts an interface
between the DSLAM and BNG to
communicate the DSL rate, support
operations, admin and maintenance,
and extend subscriber-aware multicast
forwarding data to the DSLAM.

Resilient IP network architectures

Setting the QoS standard for multiplay

Todays networks must support all
services, from best-effort to premium,
with the appropriate QoS because:
Subscribers expect providers to live
up to their bandwidth commitments
and want their fair share of available
bandwidth.
Providers wish to offer different
service levels to tap new revenue
streams, for example, by prioritzing
business subscribers over
residential users, and missioncritical applications over best-effort
data.
Nokia Siemens Networks engineers
core and edge networks to support a
mix of services, up to 50 percent of
which constitute high-priority, real-time
traffic. This guarantees sufficient
network resources are available at any
single point of failure.

Access
High-bandwidth applications can easily
clog the access network. It takes
superior traffic management to
guarantee true QoS and cost-effective
provisioning. The access network must
run at peak rates while ensuring bursty
applications do not adversely affect the
quality of delay-sensitive premium
services.
All nodes in Nokia Siemens Networks
access and aggregation architectures
support traffic prioritized by multi-field
classification, policing and shaping,
and bandwidth as specified by the
user-defined service level agreement
(SLA).
Traffic may be classed and mapped to
prioritized groups according to the
ingress port, the VLAN tag, Ethernet
priority, the IP Type of Service (TOS)
and Differentiated Services Code Point
(DSCP) field, and the target IP
address.

Resilient IP network architectures

The bit indicating drop precedence is

also marked in the frame, and colorcoded accordingly. Customerconfigurable parameters the
Committed Information Rate (CIR),
Excess Information Rate (EIR),
Committed Burst Rate (CBR), and
Excess Burst Rate (EBR) - serve to
police and shape traffic and ensure
each flow gets the right bandwidth,
priority, and SLA.

IP edge
Functions at the edge support IP
services by authenticating users and
distributing videos and broadcast TV.
There are two basic IP edge designs:
In a single edge, the same IP edge
router delivers all services within the
same user session. Services are
scheduled hierarchically, with the
appropriate QoS being assigned to
each. A single edge is usually paired
with a C-VLAN in the access
network. Delivering all services from
one point in the network has its
benefits: Service-based accounting
and policy enforcement are much
easier to implement.
In a multiple edge, different edge
routers deliver different services, for
example, one device provides
Internet access and the other IPTV.
A multiple edge is paired with
S-VLANs in the access networks.
This requires less complex and
costly edge devices, and makes
topologies more flexible. Bandwidthhungry applications may be ported
to the access network to offload
traffic from the core.
Nokia Siemens Networks put both
designs through a battery of tests and
developed rigorous engineering rules
and design guidelines for each.

IP core
Core routers offer a rich feature set
that supports differentiated service
classes for IP and MPLS traffic.
Applying a set of primitives to different
protocols, they use traffic policing, drop
priorities, queuing, and scheduling
mechanisms to achieve the
appropriate QoS. The traffic type rather
than the subscriber determines
priorities in the IP core. Multiplay
requires this differentiation so that each
traffic type is mapped to the scheduling
and QoS mechanisms required to
meet the various services QoS needs.

Insights from the ResIP

Center
The ResIP Center tested these
principles, parameters, and
policies and found that:
Prioritization mechanisms
work well in the access
network (IEEE 802.1p bits
or DSCP), the IP edge
(hierarchical scheduling),
the IP core (DSCP), and
in combination with link
aggregation (IEEE 802.3ad).
Different traffic types in the
same queue can be prioritized
using Weighted Random
Early Detection (WRED).
Heavy traffic loads do not
adversely affect prioritization
mechanisms.
Video applications are very
sensitive to packet loss.
Voice quality remains
consistent even in the event
of significant packet loss
(10%), especially when the
effects are masked using
packet loss concealment.
The performance remains the
same with codecs other than
G.711.

Securing multiplay services

Network security technologies protect
computing and information assets,
preventing attacks from inside and
outside the IP network on any
connected element. Some target
specific applications (e-mail) or
computing platforms (server farms);
others infrastructure (routers). Carriergrade routers and effective means
such as packet filtering, traffic policing,
and encryption to control every session
mitigate these vulnerabilities.

Implementing ubiquitous packet

filtering and traffic policing
The router must support highly
scalable filtering capabilities, unicast
reverse path forwarding, and highperformance rate limiting for industryleading denial of service (DoS) attack
protection. Service providers should
activate these functions and use them
with filter policies to guard
management communications against
SYN flood DoS attacks. This protects
every node and service throughout the
network without compromising
performance. Filters that restrict local
packets traversing from a physical port
to the routing engine protect the
routers control plane. Further
ubiquitous security features such as
port mirroring, encrypted management

session traffic, secure tunneling

capabilities, secure remote logins,
configurable privilege levels, and user
accounts secure the infrastructure.

Protecting against DoS attacks

Many DoS attacks target a host with a
distributed flood of traffic. The
countermeasure is to confine such
attacks by policing traffic in the core
routers. To do this, Internet Control
Message Protocol (ICMP) traffic is
policed at a level that allows the router
to accept ICMP traffic yet diminishes
smurf attacks.

the DSLAM and BNG, and routing all

client (PPPoE/DHCP) traffic through
the BNG to precluded direct peer-topeer traffic. PPPoE duplicates
protection mechanisms to prevent a
client from setting up more than one
session using the same MAC
address. The ResIP Center has
verified that the uRPF features work
without affecting routers forwarding
performance. ResIP-certified multiplay
solutions provide high security by
enforcing common security policies
throughout the network and isolating
subscriber traffic streams.

Routers also feature unicast reversepath forwarding (uRPF) to pinpoint the

source of attacks, reject packets from
unexpected sources, and accept traffic
only from sources in networks listed in
the routing table. Set to an even more
rigorous mode for edge deployment,
routers accept only traffic from known
sources.

Preventing spoofing
Validating all incoming packets source
address improves network security.
Validation tools for all active clients
prevent malicious attackers from
forging source address. This is done
by inserting a Layer 2 plane between

Resilient IP network architectures

Implementing scalable network topologies

It takes a cost-effective, scalable
network topology to deliver high-quality
multiplay services to millions of
multimedia subscribers and turn a
profit. Designed for economy and
scalability, ResIP-certified multiplay
solutions comprise access, core, and
edge router topologies built on the
experience gained in countless
deployments.

Designing the access network

Ethernet is the most popular LAN
technology. It can serve several
purposes as a pure Layer 2 transport
mechanism, a means for offering VPN
services, or a broadband technology
for delivering multiple services to
residential customers. And all-Ethernet
access and aggregation infrastructure
is the best way to keep CAPEX and
OPEX in check while satisfying fastgrowing demand for multiplay services.
Given scalability and resilience,
Ethernet can make major inroads into
the service providers domain. Both
can be achieved with VPLS, an MPLSbased Ethernet service technology.
Enabling clear segmentation at the
logical level, it sidesteps the scalability
issues of a flat Ethernet network. VPLS
also benefits from MPLS features such
as enhanced resiliency and traffic
engineering.

Resilient IP network architectures

Connecting the BNG to the IP

backbone
The edge sites hosting the BNG are
dual-homed to the core network, so the
BNGs capabilities are most effective at
preventing any single failure.

Creating the IP backbone

Purpose-built hardware and modular
software have boosted routers
availability. They enable service
providers to upgrade select software
without rebooting the entire code, to
hot-swap line cards, and to smoothly
restart protocols.
Any two access areas need to be
connected by at least two distinct paths
so that no single failure can separate
them. Two parallel planes,
interconnected locally within the edge
and at core router sites, serve to
achieve this redundancy.
Nonetheless, each site should house
two routers to cut maintenance costs
and protect against catastrophic events
such as building power failures and
natural disasters.

Single-edge access design with

customer VLANs and VPLS
Ethernet excels at providing higher
bandwidth at lower cost. Simple Layer
2 forwarding in the access network

reduces CAPEX. Mass preprovisioning that is, setting up VLANs

port by port up front makes OPEX
more predictable. The same goes for
circumventing the complexities of
service-based provisioning.
Second-mile aggregation requires
great scalability. The ResIP Center has
verified the benefits of the VLAN
scheme for first-mile access:
Layer 2 address tables are much
smaller with VPLS. Rather than
using one large table for the entire
access and aggregation network,
they store only the Layer 2
addresses of one access nodes
chain.
VPLS bases on MPLS and benefits
from its advantages: MPLS fast
reroute feature accelerates failover,
while traffic engineering features
enable dedicated bandwidth
assignment and management.

CPE simplicity
C-VLANs make it easy to migrate
access networks and multiplay
services from ATM to Ethernet without
affecting the subscribers DSL modem.
Mapping the C-VLAN and the
customer-provisioned VCs connectivity
from the DSLAM down to the home
gateway or customer premises
equipment (CPE) is simple. Many
service providers have used a single
VC model for Internet broadband
access.

Designing the core

The recipe for an IP/MPLS core calls
for several ingredients. One is an
Interior Gateway Protocol (IGP), for
which both the Intermediate System to
Intermediate System (IS-IS) and the
Open Shortest Path First (OSPF)
protocols may be used. IS-ISs area
design is simpler and IPv4 and IPv6
routes are easier to integrate. Both can
use the Bidirectional Forwarding
Detection Protocol (BFD) to detect
failures within tens of milliseconds,
even at the Layer 3 level.

Handling routes
The key to building a scalable network
is to keep the IGP small. The Border
Gateway Protocol (BGP) carries many
prefixes around the ISP backbone so
that some engineers see the iBGP
(internal BGP) as their networks
interior routing protocol.
The IGP typically carries backbone
point-to-point links and router
loopback interface addresses.
The iBGP carries customerassigned address blocks, access
network address pools, any other
prefixes that need not be carried in
the IGP, and some or all of the
Internet Route Table.
The eBGP (external BGP) carries
prefixes between ISPs and
implements routing policy between
ISPs.
This is a very different model from
those used in the Internets infancy,
where the IGP carried all prefixes in
the ISPs backbone, and the BGP
merely exchanged prefixes between
autonomous systems.
In contrast to IGPs, an iBGP offers
great scalability courtesy of route
reflectors and confederations. This

makes it an excellent tool for carrying

prefixes across the ISPs backbone.
The single-layer IGPs biggest benefit
is that every router is fully aware of
the topology, which is a prerequisite for
features such as MPLS fast reroute.

Industrial-strength BGP
implementation
The learning curve for implementing
the BGP4 protocol is steep. A carriergrade BGP4 implementation requires
support for scores of features and
extensions. ResIP-certified multiplay
solutions rely heavily on a robust BGP
implementation because the iBGP and
eBGP transport all IP reachability
information.

Taking a router out of service

Both OSPF and IS-IS protocols enable
operators to simplify maintenance by
declaring an overload condition. In the
case of IS-IS, setting the overload bit
compels the router to signal this status
to neighboring routers so that transit
traffic is rerouted to other links without
losing packets.

Using MPLS in the core

When IGP/BGP routes transport all
traffic, it always flows via the shortest
path between the source and
destination. This path is hardwired into
the design. So, the operator of an IGP
network that uses IS-IS or OSPF must
identify the worst-case traffic matrix for
voice and video, and then configure
the network to map to it.
Traffic engineering is crucial given the
multiplay bandwidth demands. And

MPLS-TE is the right choice because

it uses network resources more
efficiently, especially when traffic
patterns change markedly. Routers
must support the MPLS feature set,
including constraint-based routing,
fast reroute, and traffic engineering.

MPLS protection mechanisms

Failures are inevitable, so links and
nodes need the kind of protection
afforded optical transmission layers. It
may be provided at very low cost
using one or a combination of these
MPLS mechanisms:
MPLS load balancing:
Each LSP can be equipped with its
own metric. When several LSPs
targeting the same destination share
the same metric, the MPLS network
balances traffic to that destination
across these LSPs. Each microflow
follows the same physical path. Its two
biggest advantages over other
mechansims are that:
It addresses primary LSPs only, so
all available MPLS features may be
used for all LSPs. Some, like autobandwidth, are as yet unavailable
for secondary LSPs.
It protects against LSP egress
router failure, which none of the
other mechanisms can do.
MPLS fast reroute:
Very fast switch-over to a standby
detour path minimizes packet loss
when a circuit or node fails, and keeps
packets flowing until the original LSP
is rerouted or traffic is switched to a
secondary LSP, usually within 50 to
100 msec.

Resilient IP network architectures

10

MPLS primary/secondary LSPs:

The routing engine reroutes a primary
LSP to secondary LSPs when a node
or link fails. Failover time depends on
the number of failed LSPs, the distance
an LSP must cover, and if standby
LSPs are presignaled.

MPLS prioritization
IGP/BGP traffic generally has priority
over LSP traffic. All traffic must be
mapped correctly into queues so that
the routers scheduler can prioritize it.
Each packets EXP bits must be set
accordingly for traffic transported via
LSPs.

MPLS traffic engineering

MPLS outshines any pure IGP/BGP
setups traffic engineering capability. It
finds the shortest path between the
source and destination regardless of
traffic distribution, and defines
forwarding paths so that no link is
overloaded by a given traffic matrix. A
defined amount of bandwidth is
reserved for each link. An LSP may
use a link only if it provides enough
unreserved bandwidth. This autobandwidth feature helps the network
dynamically adapt LSPs and their
reservations to traffic matrices. In the
event of a bottleneck, the routers
automatically reroute some of the
affected LSPs over less congested
links. DiffServ-aware MPLS-TE
provides even greater flexibility by
making reservations according to traffic
class rather than merely by physical
link.

Resilient IP network architectures

Insights from the ResIP

Center
The ResIP Center tested MPLS
prioritization, auto-bandwidth,
and failover capabilities for their
multiplay suitability and found
that:
Physical failures such as line
cuts or router outages
are detected immediately.
Both IGP reroutes and BGP
updates are quickly done,
achieving sub-second failover
times.
The BFD detects a Layer
3 failure within 300
milliseconds.
Routers with redundant
routing engines restart and
switch over smoothly, with
just a few milliseconds outage
time.
Given fast failure detection,
neither an iBGP nor an eBGP
significantly increase failover
time.
Using the overload bit to
remove a router from the
network causes no packet
loss.

11

Conclusion
Next-generation multiplay services
raise the bar for network performance.
Conventional architecture falls short of
providing the necessary bandwidth and
availability, not to mention reducing
packet loss and cost. This is why Nokia
Siemens Networks teamed up with the
leading IP vendors Cisco and Juniper
to develop a multiplay concept that:
Limits deployment risks
Enhances QoS
Provides a scalbable platform for
growth and change

Powered by the best products and

solutions drawn from homegrown and
partners portfolios, this multiplay
concept has been certified in the Nokia
Siemens Networks ResIP Center.
Based on IP/MPLS with traffic
engineering mechanisms, it offers
optimized bandwidth management and
far greater reliability throughout the
cores virtual network resources.
Featuring a well-designed multi-vendor
and multi-technology management
entity, it drives down OPEX and spares
CAPEX up front. Its QoS architecture

identifies various traffic types and

manages each according to its
requirements across multiple links and
network elements. Beyond that, it
protects voice and video services
against network-based attacks and
repels DoS attacks.
With professional network audit,
design, planning, and implementation
support to draw on, service providers
can tailor each ResIP-certified multiply
solution to suit their needs and
business models.

Resilient IP network architectures

Nokia Siemens Networks

P.O. Box 1
FI-02022 NOKIA SIEMENS NETWORKS
Finland
Visiting address:
Karaportti 3, ESPOO, Finland
Switchboard +358 71 400 4000 (Finland)
Switchboard +49 89 5159 01 (Germany)
Order No. C401-00693-WP-201102-1-EN
Copyright 2011 Nokia Siemens Networks.
All rights reserved.
Nokia is a registered trademark of Nokia Corporation,
Siemens is a registered trademark of Siemens AG.
The wave logo is a trademark of Nokia Siemens
Networks Oy. Other company and product names
mentioned in this document may be trademarks of
their respective owners, and they are mentioned for
identification purposes only.
This publication is issued to provide information only
and is not to form part of any order or contract.
The products and services described herein are
subject to availability and change without notice.

www.nokiasiemensnetworks.com

Every effort is made to ensure that our

communications materials have as little
impact on the environment as possible